Config Elasticsearch for a headless system

Peter_Boos · July 23, 2020, 9:35am

I'm (trying) to run ELK on a headless console only system.
So far it only says: Kibana server is not ready yet

through a ssh i can see the tail -f /var/log/syslog
Logging this error which is a bit long oneliner :

Jul 23 11:28:40 ELK kibana[572]: {"type":"log","@timestamp":"2020-07-23T09:28:40Z","tags":["warning","plugins","licensing"],"pid":572,"message":"License information could not be obtained from Elasticsearch due to Not Found :: {\"path\":\"/_xpack\",\"statusCode\":404,\"response\":\"<!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\">\\n<html><head>\\n<title>404 Not Found</title>\\n</head><body>\\n<h1>Not Found</h1>\\n<p>The requested URL was not found on this server.</p>\\n<hr>\\n<address>Apache/2.4.38 (Debian) Server at 172.16.10.46 Port 80</address>\\n</body></html>\\n\"} error"}

my etc/kibana/kibana.yml is shown below:

server.port: 5601
# elasticsearch.url: "http://localhost:92000"  // .url didnt workout either
elasticsearch.hosts: http://172.16.10.46
server.host: 172.16.10.46

My elasticsearch network settings ( etc/elasticsearch/elasticsearch.yml ) is shown below:

# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
# network.host: 192.168.0.1
# _local_ equals 127.0.0.1 and 0.0.0.0 or a sinigle 0 stands for bind to all IP addresses
# 
network.host: 0
#
# Set a custom port for HTTP:
#
http.port: 9200

I'm not sure what goes wrong here, i installed the free versions of all, the errors are about licensing?? but it might as well be i think that one of my above yml files has a wrong settings as i had no clear idea of how that should look like, and i based it eventually on some article i found without knowing if they're ok.

Peter_Boos · July 23, 2020, 10:05am

Update :
I changed a line /etc/kibana/kibana.ym in to

elasticsearch.hosts : ["http://172.16.10.46:9200"]

It got me rid of the long licensing error, but i got two repeating errors back now:

Jul 23 12:03:01 ELK kibana[569]: {"type":"log","@timestamp":"2020-07-23T10:03:01Z","tags":["warning","elasticsearch","admin"],"pid":569,"message":"Unable to revive connection: http://172.16.10.46:9200/"}
Jul 23 12:03:01 ELK kibana[569]: {"type":"log","@timestamp":"2020-07-23T10:03:01Z","tags":["warning","elasticsearch","admin"],"pid":569,"message":"No living connections"}

I hope someone might recognize what goes wrong here, to me its all new.

Peter_Boos · July 23, 2020, 10:24am

Well I think I solved it. Adding a bit more to the previous one.
Though as a newbie i'm not sure if this is the proper way

Since i was running headless, i couldn't work with local 127.0.0.1

Therefore since its not on 127.0.0.1 it seams to require a change in elasticsearch.yml as well.

Apparently elasticsearch can work over multiple nodes when its in 'production' while production is every ip not on 127.0.0.1 well i'm headless so i'm in production mode as far as elastic search understands

In production however, elastic search can be configured over multiple servers, and even clusters. And when it startsup it suspects that, so to circumvent that, I needed to tell its only a single server.
So I altered a line to explain there are no other elastic searchers empty brackets line [ ]

discovery.seed_hosts: []

If this really is the proper answer please someone more experienced confirm then i mark it as solution so others running headless can use it as well

Mikhail_Shustov · July 23, 2020, 12:36pm

Hi, Peter. I'm moving this subject to Elasticsearch topic so that someone from the elasticsearch team might confirm this.

system · August 20, 2020, 12:36pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.